public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
{
return(InspectionResult.Allow);
}
else if (query.GetRuleByProperty("Id") != null && Convert.ToInt32(query.GetRuleByProperty("Id").Values[0]) == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
if (query.HasProperty("RecoveryCode"))
{
return(InspectionResult.Deny); //Only users with UserManagement permission can access this property
}
bool hasUserActivationPermission = _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation);
var isActiveRule = query.Rules.Find(r => r.IsForProperty("IsActive"));
if (isActiveRule != null &&
isActiveRule.Values.Count() == 1 &&
Convert.ToBoolean(isActiveRule.Values.Single()) == false &&
hasUserActivationPermission)
{
return(InspectionResult.Allow);
}
if (hasUserActivationPermission && !query.HasProperty("IsActive"))
{
query.AddProperty("IsActive");
}
}
else if (query.IsForEntity(UserGroup.ENTITY))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian ||
_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserGroupManagement) ||
_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
{
return(InspectionResult.Allow);
}
else if (query.GetRuleByProperty("UserType") != null &&
(UserTypes)Convert.ToInt32(query.GetRuleByProperty("UserType").Values[0]) == _securityService.CurrentUser.UserType &&
!query.HasInclude("User", "UserGroup"))
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity("Arguments") && _securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
{
return(InspectionResult.Allow);
}
if (query.IsForEntity(EntityConsts.BibliographicListQuery) ||
query.IsForEntity(EntityConsts.BibliographicListStandart))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return(InspectionResult.Allow);
}
else if (_securityService.CurrentUser.UserType == UserTypes.Customer && query.IsForEntity(EntityConsts.BibliographicListQuery))
{
var relToMe = query.GetRelatedQuery(User.ENTITY, Roles.Customer);
if (relToMe != null && relToMe.GetSingleId().HasValue&& relToMe.GetSingleId().Value == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
else if (!query.HasInclude(User.ENTITY, Roles.Customer))
{
query.Include(User.ENTITY, Roles.Customer);
}
}
else
{
return(InspectionResult.Allow);
}
}
}
else if (query.IsForEntity(Payment.ENTITY) &&
_securityService.CurrentUser.UserType == UserTypes.Librarian &&
_securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
{
if (query.GetRelatedQuery(EntityConsts.BibliographicListQuery, Roles.Payment) != null)
{
return(InspectionResult.Allow);
}
else if (!query.HasInclude(EntityConsts.BibliographicListQuery, Roles.Payment))
{
query.Include(EntityConsts.BibliographicListQuery, Roles.Payment);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable <Entity> entities)
{
if (query.IsForEntity(Notification.ENTITY))
{
bool relatedToMe = true;
foreach (var en in entities)
{
relatedToMe = false;
var sender = en.GetSingleRelation(User.ENTITY, Roles.Sender);
if (sender != null && sender.Entity.Id == _securityService.CurrentUser.Id)
{
relatedToMe = true;
continue;
}
var rec = en.GetSingleRelation(User.ENTITY, Roles.Recipient);
if (rec != null && rec.Entity.Id == _securityService.CurrentUser.Id)
{
relatedToMe = true;
continue;
}
if (!relatedToMe)
{
break;
}
}
if (relatedToMe)
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable <Entity> entities)
{
if (query.IsForEntity(Inquery.EntityType) &&
_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return(InspectionResult.Allow);
}
else if (_securityService.CurrentUser.UserType == UserTypes.Customer)
{
bool isMe = false;
foreach (var e in entities)
{
isMe = false;
var rel = e.GetSingleRelation(User.ENTITY, RelationConsts.Customer);
if (rel != null && rel.Entity.Id == _securityService.CurrentUser.Id)
{
isMe = true;
}
if (!isMe)
{
break;
}
}
if (isMe)
{
return(InspectionResult.Allow);
}
}
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(Notification.ENTITY))
{
var relToSender = query.GetRelatedQuery(User.ENTITY, Roles.Sender);
if (relToSender != null)
{
var id = relToSender.GetSingleId();
if (id.HasValue && id.Value == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
}
var relToRecipient = query.GetRelatedQuery(User.ENTITY, Roles.Recipient);
if (relToRecipient != null)
{
var id = relToRecipient.GetSingleId();
if (id.HasValue && id.Value == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
}
if (relToRecipient == null)
{
query.Include(User.ENTITY, Roles.Recipient);
}
if (relToSender != null)
{
query.Include(User.ENTITY, Roles.Sender);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable<Entity> entities)
{
if (query.IsForEntity(Inquery.EntityType)
&& _securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
return InspectionResult.Allow;
else if (_securityService.CurrentUser.UserType == UserTypes.Customer)
{
bool isMe = false;
foreach (var e in entities)
{
isMe = false;
var rel = e.GetSingleRelation(User.ENTITY, RelationConsts.Customer);
if (rel != null && rel.Entity.Id == _securityService.CurrentUser.Id)
isMe = true;
if (!isMe)
break;
}
if (isMe)
return InspectionResult.Allow;
}
}
return InspectionResult.None;
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity("Arguments") && _securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
{
return(InspectionResult.Allow);
}
else if (query.IsForEntity(Inquery.EntityType))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return(InspectionResult.Allow);
}
else if (_securityService.CurrentUser.UserType == UserTypes.Customer)
{
var relTo = query.GetRelatedQuery(User.ENTITY, RelationConsts.Customer);
if (relTo != null && relTo.GetSingleId().HasValue&& relTo.GetSingleId().Value == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
else if (!query.HasInclude(User.ENTITY, RelationConsts.Customer))
{
query.Include(User.ENTITY, RelationConsts.Customer);
}
}
}
}
else if (query.IsForEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use) &&
_securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return(InspectionResult.Allow);
}
}
else if (query.IsForEntity(Notification.ENTITY) &&
_securityService.CurrentUser.UserType == UserTypes.Librarian &&
_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use) &&
query.GetRelatedQuery(Inquery.EntityType, RelationConsts.Inquery) != null)
{
return(InspectionResult.Allow);
}
return(InspectionResult.None);
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable <Entity> entities)
{
if (query.IsForEntity(EntityConsts.BibliographicListQuery) &&
_securityService.CurrentUser.UserType == UserTypes.Customer &&
_securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use) &&
query.HasInclude(User.ENTITY, Roles.Customer))
{
bool isMe = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(User.ENTITY, Roles.Customer);
if (rel == null || rel.Entity.Id != _securityService.CurrentUser.Id)
{
isMe = false;
break;
}
}
if (isMe)
{
return(InspectionResult.Allow);
}
}
else if (query.IsForEntity(Payment.ENTITY) && query.HasInclude(EntityConsts.BibliographicListQuery, Roles.Payment))
{
bool ok = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(EntityConsts.BibliographicListQuery, Roles.Payment);
if (rel == null)
{
ok = false;
break;
}
}
if (ok)
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(EntityConsts.Magazine) ||
query.IsForEntity(EntityConsts.Issue) ||
query.IsForEntity(EntityConsts.MagazineCategory) ||
(query.IsForEntity(User.ENTITY) && _securityService.CurrentUser.UserType == UserTypes.Librarian))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, MyMagazinesModule.Id, Permissions.Use))
{
return(InspectionResult.Allow);//TODO: MyMagazines inspect query
}
}
else if (query.IsForEntity(Notification.ENTITY) &&
_securityService.CurrentUser.UserType == UserTypes.Librarian &&
_securityService.HasModulePermission(_securityService.CurrentUser, MyMagazinesModule.Id, Permissions.Use))
{
query.Include(EntityConsts.Issue, Notification.ROLE);
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity("Arguments") && _securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
return InspectionResult.Allow;
else if (query.IsForEntity(Inquery.EntityType))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
return InspectionResult.Allow;
else if (_securityService.CurrentUser.UserType == UserTypes.Customer)
{
var relTo = query.GetRelatedQuery(User.ENTITY, RelationConsts.Customer);
if (relTo != null && relTo.GetSingleId().HasValue && relTo.GetSingleId().Value == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
else if (!query.HasInclude(User.ENTITY, RelationConsts.Customer))
query.Include(User.ENTITY, RelationConsts.Customer);
}
}
}
else if (query.IsForEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use)
&& _securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return InspectionResult.Allow;
}
}
else if (query.IsForEntity(Notification.ENTITY)
&& _securityService.CurrentUser.UserType == UserTypes.Librarian
&& _securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use)
&& query.GetRelatedQuery(Inquery.EntityType, RelationConsts.Inquery) != null)
{
return InspectionResult.Allow;
}
return InspectionResult.None;
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
return InspectionResult.Allow;
else if (query.GetRuleByProperty("Id") != null && Convert.ToInt32(query.GetRuleByProperty("Id").Values[0]) == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
if (query.HasProperty("RecoveryCode"))
return InspectionResult.Deny; //Only users with UserManagement permission can access this property
bool hasUserActivationPermission = _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation);
var isActiveRule = query.Rules.Find(r => r.IsForProperty("IsActive"));
if (isActiveRule != null
&& isActiveRule.Values.Count() == 1
&& Convert.ToBoolean(isActiveRule.Values.Single()) == false
&& hasUserActivationPermission)
return InspectionResult.Allow;
if (hasUserActivationPermission && !query.HasProperty("IsActive"))
query.AddProperty("IsActive");
}
else if (query.IsForEntity(UserGroup.ENTITY))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian
|| _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserGroupManagement)
|| _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
return InspectionResult.Allow;
else if (query.GetRuleByProperty("UserType") != null
&& (UserTypes)Convert.ToInt32(query.GetRuleByProperty("UserType").Values[0]) == _securityService.CurrentUser.UserType
&& !query.HasInclude("User", "UserGroup"))
return InspectionResult.Allow;
}
return InspectionResult.None;
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable <Entity> entities)
{
if (query.IsForEntity(NbuLibrary.Core.Domain.File.ENTITY))
{
foreach (var e in entities)
{
if (_fileService.HasAccess(_securityService.CurrentUser, e.Id))
{
return(InspectionResult.Allow);
}
}
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(Payment.ENTITY))
{
var cust = query.GetRelatedQuery(User.ENTITY, Payment.ROLE_CUSTOMER);
if (cust != null && cust.GetSingleId().HasValue&& cust.GetSingleId().Value == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
else if (!query.HasInclude(User.ENTITY, Payment.ROLE_CUSTOMER))
{
query.Include(User.ENTITY, Payment.ROLE_CUSTOMER);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable <Entity> entities)
{
if (query.IsForEntity(Payment.ENTITY))
{
bool mine = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(User.ENTITY, Payment.ROLE_CUSTOMER);
if (rel == null || rel.Entity.Id != _securityService.CurrentUser.Id)
{
mine = false;
break;
}
}
if (mine)
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable <Entity> entities)
{
if (query.IsForEntity(Notification.ENTITY) &&
_securityService.CurrentUser.UserType == UserTypes.Librarian &&
_securityService.HasModulePermission(_securityService.CurrentUser, MyMagazinesModule.Id, Permissions.Use))
{
bool allowed = true;
foreach (var entity in entities)
{
var issue = entity.GetSingleRelation(EntityConsts.Issue, Notification.ROLE);
if (issue == null)
{
allowed = false;
break;
}
}
if (allowed)
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(Notification.ENTITY))
{
var relToSender = query.GetRelatedQuery(User.ENTITY, Roles.Sender);
if (relToSender != null)
{
var id = relToSender.GetSingleId();
if (id.HasValue && id.Value == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
}
var relToRecipient = query.GetRelatedQuery(User.ENTITY, Roles.Recipient);
if (relToRecipient != null)
{
var id = relToRecipient.GetSingleId();
if (id.HasValue && id.Value == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
}
if (relToRecipient == null)
{
query.Include(User.ENTITY, Roles.Recipient);
}
if (relToSender != null)
{
query.Include(User.ENTITY, Roles.Sender);
}
}
return InspectionResult.None;
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable<Entity> entities)
{
if (query.IsForEntity(Notification.ENTITY))
{
bool relatedToMe = true;
foreach (var en in entities)
{
relatedToMe = false;
var sender = en.GetSingleRelation(User.ENTITY, Roles.Sender);
if (sender != null && sender.Entity.Id == _securityService.CurrentUser.Id)
{
relatedToMe = true;
continue;
}
var rec = en.GetSingleRelation(User.ENTITY, Roles.Recipient);
if (rec != null && rec.Entity.Id == _securityService.CurrentUser.Id)
{
relatedToMe = true;
continue;
}
if (!relatedToMe)
break;
}
if (relatedToMe)
return InspectionResult.Allow;
}
return InspectionResult.None;
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable <Entity> entity)
{
if (query.IsForEntity(User.ENTITY))
{
foreach (var e in entity)
{
if (e.Data.ContainsKey("Password"))
{
e.SetData <string>("Password", "******");
}
}
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
{
return(InspectionResult.Allow);
}
else if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
{
foreach (var e in entity)
{
if (e.GetData <bool>("IsActive") == true)
{
return(InspectionResult.None);
}
}
return(InspectionResult.Allow); //Only inactive users are returned and the user has permission to see inactive users
}
}
else if (query.IsForEntity(UserGroup.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserGroupManagement))
{
return(InspectionResult.Allow);
}
}
foreach (var inc in query.Includes)
{
if (inc.Entity.Equals(User.ENTITY))
{
var rel = _domainService.Domain.Entities[query.Entity].GetRelation(inc.Entity, inc.Role);
if (rel != null && (rel.TypeFor(query.Entity) == RelationType.ManyToMany || rel.TypeFor(query.Entity) == RelationType.OneToMany))
{
foreach (var e in entity)
{
var users = e.GetManyRelations(inc.Entity, inc.Role);
foreach (var user in users)
{
if (user.Entity.Data.ContainsKey("Password"))
{
user.Entity.SetData <string>("Password", "******");
}
}
}
}
else if (rel != null)
{
foreach (var e in entity)
{
var user = e.GetSingleRelation(inc.Entity, inc.Role);
if (user != null && user.Data.ContainsKey("Password"))
{
user.SetData <string>("Password", "******");
}
}
}
}
}
return(InspectionResult.None);
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable<Entity> entities)
{
if (query.IsForEntity(EntityConsts.BibliographicListQuery)
&& _securityService.CurrentUser.UserType == UserTypes.Customer
&& _securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use)
&& query.HasInclude(User.ENTITY, Roles.Customer))
{
bool isMe = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(User.ENTITY, Roles.Customer);
if (rel == null || rel.Entity.Id != _securityService.CurrentUser.Id)
{
isMe = false;
break;
}
}
if (isMe)
return InspectionResult.Allow;
}
else if (query.IsForEntity(Payment.ENTITY) && query.HasInclude(EntityConsts.BibliographicListQuery, Roles.Payment))
{
bool ok = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(EntityConsts.BibliographicListQuery, Roles.Payment);
if (rel == null)
{
ok = false;
break;
}
}
if (ok)
return InspectionResult.Allow;
}
return InspectionResult.None;
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity("Arguments") && _securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
return InspectionResult.Allow;
if (query.IsForEntity(EntityConsts.BibliographicListQuery)
|| query.IsForEntity(EntityConsts.BibliographicListStandart))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
return InspectionResult.Allow;
else if (_securityService.CurrentUser.UserType == UserTypes.Customer && query.IsForEntity(EntityConsts.BibliographicListQuery))
{
var relToMe = query.GetRelatedQuery(User.ENTITY, Roles.Customer);
if (relToMe != null && relToMe.GetSingleId().HasValue && relToMe.GetSingleId().Value == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
else if (!query.HasInclude(User.ENTITY, Roles.Customer))
query.Include(User.ENTITY, Roles.Customer);
}
else
return InspectionResult.Allow;
}
}
else if (query.IsForEntity(Payment.ENTITY)
&& _securityService.CurrentUser.UserType == UserTypes.Librarian
&& _securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
{
if (query.GetRelatedQuery(EntityConsts.BibliographicListQuery, Roles.Payment) != null)
return InspectionResult.Allow;
else if (!query.HasInclude(EntityConsts.BibliographicListQuery, Roles.Payment))
query.Include(EntityConsts.BibliographicListQuery, Roles.Payment);
}
return InspectionResult.None;
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable<Entity> entities)
{
if (query.IsForEntity(Payment.ENTITY))
{
bool mine = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(User.ENTITY, Payment.ROLE_CUSTOMER);
if (rel == null || rel.Entity.Id != _securityService.CurrentUser.Id)
{
mine = false;
break;
}
}
if (mine)
return InspectionResult.Allow;
}
return InspectionResult.None;
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(Payment.ENTITY))
{
var cust = query.GetRelatedQuery(User.ENTITY, Payment.ROLE_CUSTOMER);
if (cust != null && cust.GetSingleId().HasValue && cust.GetSingleId().Value == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
else if (!query.HasInclude(User.ENTITY, Payment.ROLE_CUSTOMER))
query.Include(User.ENTITY, Payment.ROLE_CUSTOMER);
}
return InspectionResult.None;
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(EntityConsts.Magazine)
|| query.IsForEntity(EntityConsts.Issue)
|| query.IsForEntity(EntityConsts.MagazineCategory)
|| (query.IsForEntity(User.ENTITY) && _securityService.CurrentUser.UserType == UserTypes.Librarian))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, MyMagazinesModule.Id, Permissions.Use))
{
return InspectionResult.Allow;//TODO: MyMagazines inspect query
}
}
else if (query.IsForEntity(Notification.ENTITY)
&& _securityService.CurrentUser.UserType == UserTypes.Librarian
&& _securityService.HasModulePermission(_securityService.CurrentUser, MyMagazinesModule.Id, Permissions.Use))
{
query.Include(EntityConsts.Issue, Notification.ROLE);
}
return InspectionResult.None;
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable<Entity> entity)
{
if (query.IsForEntity(User.ENTITY))
{
foreach (var e in entity)
{
if (e.Data.ContainsKey("Password"))
{
e.SetData<string>("Password", "******");
}
}
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
return InspectionResult.Allow;
else if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
{
foreach (var e in entity)
{
if (e.GetData<bool>("IsActive") == true)
return InspectionResult.None;
}
return InspectionResult.Allow; //Only inactive users are returned and the user has permission to see inactive users
}
}
else if (query.IsForEntity(UserGroup.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserGroupManagement))
return InspectionResult.Allow;
}
foreach (var inc in query.Includes)
{
if (inc.Entity.Equals(User.ENTITY))
{
var rel = _domainService.Domain.Entities[query.Entity].GetRelation(inc.Entity, inc.Role);
if (rel != null && (rel.TypeFor(query.Entity) == RelationType.ManyToMany || rel.TypeFor(query.Entity) == RelationType.OneToMany))
{
foreach (var e in entity)
{
var users = e.GetManyRelations(inc.Entity, inc.Role);
foreach (var user in users)
{
if (user.Entity.Data.ContainsKey("Password"))
{
user.Entity.SetData<string>("Password", "******");
}
}
}
}
else if (rel != null)
{
foreach (var e in entity)
{
var user = e.GetSingleRelation(inc.Entity, inc.Role);
if (user != null && user.Data.ContainsKey("Password"))
{
user.SetData<string>("Password", "******");
}
}
}
}
}
return InspectionResult.None;
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable<Entity> entities)
{
if (query.IsForEntity(NbuLibrary.Core.Domain.File.ENTITY))
{
foreach (var e in entities)
{
if (_fileService.HasAccess(_securityService.CurrentUser, e.Id))
return InspectionResult.Allow;
}
}
return InspectionResult.None;
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable<Entity> entities)
{
if (query.IsForEntity(Notification.ENTITY)
&& _securityService.CurrentUser.UserType == UserTypes.Librarian
&& _securityService.HasModulePermission(_securityService.CurrentUser, MyMagazinesModule.Id, Permissions.Use))
{
bool allowed = true;
foreach (var entity in entities)
{
var issue = entity.GetSingleRelation(EntityConsts.Issue, Notification.ROLE);
if (issue == null)
{
allowed = false;
break;
}
}
if (allowed)
return InspectionResult.Allow;
}
return InspectionResult.None;
}